The Weekly HELO – January 31st

Posted by Melinda Plemel 

by Melinda Plemel
Senior Receiver Relationship Manager

The Pentagon phished? The government getting grabby? Facebook experimenting with privacy?

Welcome to the first edition of Return Path’s new feature, The Weekly HELO! Each week, Melinda Plemel synopsizes some of the most interesting current happenings in email technology and messaging abuse.


Even the Pentagon isn’t safe from Phish

The Pentagon Federal Credit Union, which apparently “has nearly a million members, most of them members of the Coast Guard, Army, Air Force, Defense Department, Veterans of Foreign Wars and Department of Homeland Security,” has reported a data breach.

We all know how difficult it’s becoming to fight these phishing attacks. Banks being phished are one of the first forms of phishing that hit the super highway, and as we’ve seen these attacks have grown and become even more clever in the way the disguise themselves. But the old rules still apply: if you didn’t ask for it, then don’t open it, no matter how enticing it might be.

The Government needs more data

The Justice department is concerned that ISPs don’t keep enough information on their customers, and would like more to help fight crime.

Seems like this puts ISPs between a rock and a hard place. One the one hand, who doesn’t want to help stop crime? But on the other, ISPs and other service providers have to respect individual privacy. Not to mention, this would definitely be a strain on many systems to maintain more data for longer at an ISP. What do you think?

The privacy of Facebook

As we’ve all seen, Facebook still struggles with privacy: what to give, and what not to give. Looks they are experimenting with increasing security by offering a couple of new things.

1. The option to use HTTPS (secure HTTP) while using Facebook, to protect your account and privacy from snooping. However, it’s opt-in. Why, FB? Why not just make it the default? Personally I say just do it, why give anyone the chance to access information you really don’t want them to?

2. Social Authentication. A CAPTCHA, but rather than scrambled letters this version will show the account holder pictures of their friends and ask that the account holder identify who they are. Pretty clever — hopefully you tagged your friends well. Obvious question: won’t this make it easier for your friends to hack into your account?

Image by Ordered Chaos, used under a Creative Commons license.

Author Image

About Melinda Plemel

Melinda has been working at Return Path for 9 years and is currently the Senior Industry Advocate and is responsible for managing global partners that join Return Path's Data Exchange program and emerging markets. She is the key to helping and educating Return Path on mailbox providers, anti-spam, and email technology trends, as well as to educating receivers about everything Return Path has to offer.

Author Archive